Industrial giant Siemens and network cloud security company Zscaler on Wednesday announced a partnership aimed toward bringing the benefits of zero-trust to operational technology (OT) environments.
Siemens Chief Technology Officer Hanna Hennig said as more companies converge OT and IT networks, there’s a need to bring the zero-trust approach developed for IT networks to OT. The partnership will combine Siemens communications technology with ZScaler’s cloud-based platform, an approach that Hennig said has been tested successfully in Siemens' plants.
"Today, the protection of companies can no longer be limited to just IT settings,” said Deepak Patel, OT Security in the Office of the CEO at ZScaler. "Together, Siemens and Zscaler are bringing the benefits of zero-trust to OT environments, thereby increasing control and protection mechanisms for all technology assets, including in production environments."
Security teams often find implementing zero trust in an OT environment especially challenging, said Frank Dickson, program vice president, security and trust at IDC. Dickson said 20- and 30-year-old systems powered by out-of-support operating systems are not uncommon in the OT world.
“Additionally, the CIA triangle of confidentiality first, integrity second, and then availability can get turned on its head as availability becomes the penultimate goal,” Dickson said. “Forgive the sensationalism, but if OT systems go down, people can get hurt. Delivering tools that enable least-privileged-access for OT is exactly the right first step to implement zero-trust in OT.”
John Grady, a senior analyst who covers network security at the Enterprise Strategy Group, said Zscaler has become laser-focused on zero trust over the last six months. Grady said they have developed a broad ecosystem of vendor partners supporting zero-trust.
“This partnership with Siemens is interesting in that it brings modern, remote access capabilities through zero-trust network access (ZTNA) to OT networks,” Grady said. “We still see a lot of VPN usage across the industry generally, but more and more interest in ZTNA, and planning for VPN replacement. In part because of the different systems and protocols, OT networks have definitely continued to rely on VPNs, so this partnership this fills a significant need.”